/************************************************************************************************
 * Copyright (c) 2015. Lorem ipsum dolor sit amet, consectetur adipiscing elit.                 *
 * Morbi non lorem porttitor neque feugiat blandit. Ut vitae ipsum eget quam lacinia accumsan.  *
 * Etiam sed turpis ac ipsum condimentum fringilla. Maecenas magna.                             *
 * Proin dapibus sapien vel ante. Aliquam erat volutpat. Pellentesque sagittis ligula eget metus.
 * Vestibulum commodo. Ut rhoncus gravida arcu.                                                 *
 ************************************************************************************************/

package me.send.common.shiro;


import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;

import me.send.framework.util.LoggerUtils;

/**
 * @author MaxMin.
 */

public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc.FormAuthenticationFilter {

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
        LoggerUtils.info(getClass().getName(),"visit into FormAuthenticationFilter'onAccessDenied method!");
        if (request.getAttribute(getFailureKeyAttribute()) != null) {
            return true;
        }
        //表示验证成功
        Subject currentUser = SecurityUtils.getSubject();
		Session session = currentUser.getSession();
		session.setAttribute("remoteIp", request.getRemoteAddr());
        return super.onAccessDenied(request, response, mappedValue);
    }
}
